Can you sign my Business Associate Agreement?
The HIPAA Privacy Rule requires all Covered Entities to have a signed Business Associate Agreement (BAA) with any Business Associate (BA) they hire that may come in contact with PHI.
We do not interact with your data in any way aside from specific Help Desk situations. In the event Help Desk personnel need to come in contact with your data, and EES doesn’t have a BAA on file, you will be informed that we need a BAA prior to reviewing your data. Then, a BAA will be provided for electronic signature.
Otherwise, there is no legal basis for providing you with a BAA (discuss this with your attorney and/or review this DHHS FAQ article regarding 45 CFR 164.502(e), 164.504(e), 164.532(d) and (e) here).
Regardless, we’re happy to provide a BAA agreement for signature at your request.